8 matches found
WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues. id: CVE-2021-24435 info: name: WordPress Titan Framework plugin =...
EUVD-2010-2272
Malware in sbrugna...
Malicious code in gambit-interface (npm)
--- -= Per source details. Do not edit below this line.=-...
WordPress Plugin Page Builder Sandwich Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-17766 · WordPress · Page Builder Sandwich
Name of the Vulnerable Software and Affected Versions: The Page Builder Sandwich – Front End WordPress Page Builder Plugin versions prior to 5.1.1 Description: The issue allows authenticated attackers with subscriber access and above to insert arbitrary content into existing posts due to a missin...
CVE-2010-2260
Multiple cross-site scripting XSS vulnerabilities in Gambit Design Bandwidth Meter, 0.72 and possibly 1.2, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 viewbyname.php or 2 viewbyip.php in admin/. NOTE: some sources report that the affected product is ShaPlus...
CVE-2010-2260
Multiple cross-site scripting XSS vulnerabilities in Gambit Design Bandwidth Meter, 0.72 and possibly 1.2, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 viewbyname.php or 2 viewbyip.php in admin/. NOTE: some sources report that the affected product is ShaPlus...
CVE-2010-2260
CVE-2010-2260 affects Gambit Design Bandwidth Meter (versions 0.72 and possibly 1.2). The vulnerability is listed as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via PATH_INFO to admin/view_by_name.php or admin/view_by_ip.php. The av...